<?php
include_once("sessionmanager.php");
initSession();

if (!isset($_SESSION['s_loggedin']) || ($_SESSION['s_loggedin'] == false) || !isset($_SESSION['s_serverurl']) || (strpos($_SERVER['HTTP_HOST'].$_SERVER['PHP_SELF'],$_SESSION['s_serverurl']) === false)) {
	$error_page_code = "timeout";
	include "errorpage.php";
	exit();
}
if (!$_SESSION['s_userman']) {
	$error_page_code = "permission";
	include "errorpage.php";
	exit();
}

include "config.php";
include "languages.php";
include_once "functions.inc.php";
include "attributes.php";

makeheader(USERINFO_TITLE);


mysql_connect($dbhost,$dbusername,$dbpassword);
mysql_select_db($dbname);

if (isset($_GET['order'])) {
	$order = mysql_escape_string($_GET['order'])." ";
	$what = $_GET['order'];
} else {
	$order = "username ";
	$what = "username";
}

if (isset($_GET['how'])) {
	switch ($_GET['how']) {
		case "desc" : $order .= "DESC"; $how_link = "asc"; break;
		default     : $order .= "ASC"; $how_link = "desc"; break;
	}
} else {
	$order .= "ASC";
	$how_link = "desc";
}

if (isset($_GET['activate']) && is_numeric($_GET['activate'])) {
	$userid = (int)$_GET['activate'];
	$query = "UPDATE $utablename SET status='active' WHERE id='$userid'";
	$res = mysql_query($query) or die(mysql_error());
}

if (!isset($_GET['userid'])) {
	echo '
	<table cellpadding="1" cellspacing="0" border="0" align="center" width="90%"><tr><td>
	<table class="standard" cellpadding="4" cellspacing="0" border="0" width="100%">
	<tr class="tblhead"><td colspan="6">'.USERINFO_TITLE.'</td></tr>
	<tr class="firstcolor"><td colspan="6">'.USERINFO_NAMES.':</td></tr>
	<tr class="tblhead">
	<td><a class="link" href="userinfo.php?order=username&amp;how='.(($what == "username") ? $how_link : "asc").'">'.USERINFO_USERNAME.'</a></td>
	<td><a class="link" href="userinfo.php?order=ingame&amp;how='.(($what == "ingame") ? $how_link : "asc").'">'.USERINFO_INGAME.'</a></td>
	<td><a class="link" href="userinfo.php?order=allytag&amp;how='.(($what == "allytag") ? $how_link : "asc").'">'.USERINFO_ALLYTAG.'</a></td>
	<td><a class="link" href="userinfo.php?order=status&amp;how='.(($what == "status") ? $how_link : "asc").'">'.USERINFO_STATUS.'</a></td>
	<td><a class="link" href="userinfo.php?order=logins&amp;how='.(($what == "logins") ? $how_link : "asc").'">'.USERINFO_LOGINS.'</a></td>
	<td><a class="link" href="userinfo.php?order=lastlogin&amp;how='.(($what == "lastlogin") ? $how_link : "asc").'">'.USERINFO_LASTLOGIN.'</a></td>
	</tr>
	';
	$query = "SELECT * FROM $utablename ORDER BY $order";
	$res = mysql_query($query) or die(mysql_error());
	while ($line = mysql_fetch_object($res)) {
		if ($line->lastlogin == "0000-00-00 00:00:00") {
			$lastlogin = "";
		} else {
			$lastlogin = $line->lastlogin;
		}
		echo '<tr class="firstcolor">
		<td align="center"><a class="link" href="userinfo.php?userid='.$line->id.'">'.$line->username.'</a></td>
		<td align="center">'.$line->ingame.'</td>
		<td align="center">'.$line->allytag.'</td>
		<td align="center">'.$line->status.'</td>
		<td align="center">'.$line->logins.'</td>
		<td align="center">'.$lastlogin.'</td>
		</tr>'."\n";
	}

	echo "</table></td></tr></table>\n";

} elseif (isset($_GET['userid']) && is_numeric($_GET['userid'])) {
	$userid = (int)$_GET['userid'];
	$query = "SELECT * FROM $utablename WHERE id='$userid'";
	$res = mysql_query($query) or die(mysql_error());
	if (mysql_num_rows($res) > 0) {
		$line = mysql_fetch_object($res);

		// User Info
		if ($line->status == "email" || $line->status == "admin") {
			$status = $line->status.'&nbsp;&nbsp;&nbsp;&nbsp;<a class="link" href="userinfo.php?activate='.$line->id.'">'.USERINFO_ACTIVATE.'</a>';
		} else {
			$status = $line->status;
		}
		if ($line->lastlogin == "0000-00-00 00:00:00") {
			$lastlogin = USERINFO_NOLOGIN;
		} else {
			$lastlogin = $line->lastlogin;
		}
				
		echo '
		<table cellpadding="1" cellspacing="0" border="0" align="center" width="90%"><tr><td>
		<table class="standard" cellpadding="4" cellspacing="0" border="0" width="100%">
		<tr class="tblhead"><td colspan="2">'.USERINFO_TITLE.'</td></tr>
		<tr class="firstcolor"><td style="width:250px;">'.USERINFO_DETAIL.':</td>
		<td><a class="link" href="usermanagement.php?id='.$line->id.'">'.$line->username.'</a></td></tr>
		<tr class="firstcolor"><td>'.USERINFO_INGAME.':</td><td>'.$line->ingame.'</td></tr>
		<tr class="firstcolor"><td>'.USERINFO_EMAIL.':</td><td>'.$line->email.'</td></tr>
		<tr class="firstcolor"><td>'.USERINFO_ALLYTAG.':</td><td>'.$line->allytag.'</td></tr>
		<tr class="firstcolor"><td>'.USERINFO_UNIVERSE.':</td><td>'.$line->universe.'</td></tr>
		<tr class="firstcolor"><td>'.USERINFO_OGAMESERVER.':</td><td>'.$line->ogameserver.'</td></tr>
		<tr class="firstcolor"><td>'.USERINFO_STYLEPATH.':</td><td>'.$line->stylepath.'</td></tr>
		<tr class="firstcolor"><td>'.USERINFO_STATUS.':</td><td>'.$status.'</td></tr>
		<tr class="firstcolor"><td>'.USERINFO_LOGINS.':</td><td>'.$line->logins.'</td></tr>
		<tr class="firstcolor"><td>'.USERINFO_LASTLOGIN.':</td><td>'.$lastlogin.'</td></tr>';
		
		// get other user information
		$query = "SELECT MAX(timevalue) as timevalue FROM $noticetable WHERE userid='".$userid."'";
		$res = mysql_query($query) or die(mysql_error());
		$line = mysql_fetch_object($res);
		if ($line->timevalue) {
			$last_private_notice = date("d.m.Y - H:i:s",$line->timevalue);
		} else {
			$last_private_notice = "";
		}		
		$query = "SELECT count(*) as anzahl FROM $noticetable WHERE userid='".$userid."'";
		$res = mysql_query($query) or die(mysql_error());
		$line = mysql_fetch_object($res);
		$private_notices = $line->anzahl;
		$query = "SELECT MAX(zeit) as timevalue FROM $dbtablename WHERE userid='".$userid."'";
		$res = mysql_query($query) or die(mysql_error());
		$line = mysql_fetch_object($res);
		if ($line->timevalue) {
			$last_galaxyupdate = date("d.m.Y - H:i:s",$line->timevalue);
		} else {
			$last_galaxyupdate = "";
		}
		
		echo '
		<tr class="firstcolor"><td>'.USERINFO_NUMBEROF_NOTICE.':</td><td>'.$private_notices.'</td></tr>
		<tr class="firstcolor"><td>'.USERINFO_LAST_NOTICE.':</td><td>'.$last_private_notice.'</td></tr>
		<tr class="firstcolor"><td>'.USERINFO_LAST_GALAXYUPDATE.':</td><td>'.$last_galaxyupdate.'</td></tr>
		</table></td></tr>
		';	

		// Galaxy Info
		echo '
		<tr><td>
		<table class="standard" cellpadding="4" cellspacing="0" border="0" width="100%" style="margin-top:50px;">
		';	
		$query = "SELECT galaxie,count(*) as anzahl FROM $dbtablename WHERE userid=$userid AND planet='1' GROUP BY galaxie ORDER BY galaxie";
		$res = mysql_query($query) or die(mysql_error());
		if (mysql_num_rows($res) == 0) {
			echo '<tr class="tblhead"><td>'.USERINFO_DATA.'</td></tr>
				  <tr class="firstcolor"><td>'.USERINFO_NODATA.'</td></tr>'."\n";
		} else {
			echo '<tr class="tblhead"><td style="width:250px;" align="center">'.USERINFO_GALAXY.'</td><td align="center">'.USERINFO_SYSTEMS.'</td></tr>'."\n";
			while ($line = mysql_fetch_object($res)) {
				echo '<tr class="firstcolor"><td align="center">'.$line->galaxie.'</td><td align="center">'.$line->anzahl.'</td></tr>'."\n";
			}
		}
		echo "</table></td></tr>\n";
		
		// IP Info
		echo '
		<tr><td>
		<table class="standard" cellpadding="4" cellspacing="0" border="0" width="100%" style="margin-top:50px;">
		';	
		$query = "SELECT * FROM $iptablename WHERE userid='$userid' ORDER BY logintime DESC";
		$res = mysql_query($query) or die(mysql_error());
		if (mysql_num_rows($res) == 0) {
			echo '<tr class="tblhead"><td>'.USERINFO_IP.'</td></tr>
				  <tr class="firstcolor"><td>'.USERINFO_NOLOGIN.'</td></tr>
				  ';
		} else {
			echo '<tr class="tblhead"><td style="width:250px;">'.USERINFO_IP.'</td><td>'.USERINFO_LOGINTIME.'</td></tr>'."\n";
			while ($line = mysql_fetch_object($res)) {
				echo '<tr class="firstcolor"><td align="center">'.$line->ip.'</td><td align="center">'.$line->logintime.'</td></tr>'."\n";
			}
		}
		echo "</table></td></tr>\n";
		
		// end
		echo "</table>";
	} else {
		echo '<div align="center" class="firstcolor" class="failure">'.USERINFO_ERROR1.'</div>';
	}


}



makefooter();
?>